Microsoft Says a Chinese 'Gaming Service' Company Is Hacking Xbox Accounts

An anonymous reader shares a report: Since 2015, a Chinese gaming website has been hacking Xbox accounts and selling the proceeds on the open market, according to a complaint filed by Microsoft in federal court on Friday. On its website, iGSKY presents itself as a gaming service company, offering players a way to pay for in-game credits and rare items -- but according to Microsoft, many of those credits were coming from someone else's wallet. The complaint alleges that the company made nearly $2 million in purchases through hacked accounts and their associated credit cards, using purchases as a way to launder the resulting cash. On the site, cheap in-game points are also available for the FIFA games, Forza Horizon 3, Grand Theft Auto V, and Pokemon Go, among others.

New??

[rholtzjr]

They have been doing this on WoW for about a decade. Two phase authentication? Access control list by device?

Re:New??

[Cmdln+Daco]

And it's a pain in the ass for us Casual WoW players.

Blizzard acts like our accounts are valuable Fort Knoxlike entities.

It's just a game, and you make it a hassle to get into the world, Blizzard.

I would bet, though, that Blizzard makes millions of $$ from players who take it too seriously. Hence their authentication hassles.

Re: New??

How is it inconvienant?

You download the phone app, and the very first time you play on a computer, use a browser to connect, etc, it asks you for a code. I've used the app for about a year, and only had to input the authorization code a handful of times.

Vs.

The last time I quit WoW my account was hacked during my absence, all my items were sold to a vendor, and all my gold (a few hundred thousand) transferred to someone else. When I returned Blizzard have me 500g and some green armor, and told me there was nothing else they could do.

Seems like a very few instances of having to get my phone to input a code is a better option than starting over again.

Re: New??

[rholtzjr]

The one and only time it happened to me they restored everything including guild bank and all toons. The only hassle was all items were restored to the mailbox so you spent a couple of days putting everything back where it was. Since an authenticator was added, zero hacks. None of my Blizzard games have been hacked since the authenticator, but that may change sometime in the future.

Hassle?, very little compared to what happens when you get hacked. Really the only disconcerting experience was logging on naked in the middle of nowhere.

Re: New??

Meanwhile at Valve; "You're logging in on a new computer, check your email for your auth code"

Simple, and it works.

Re: New??

Nope.

Email is a bad two-factor authentication route because many services use your email as the primary key in their database. So when something you use (eg yahoo) gets hacked, the hackers now have access to all the passwords, password resets, and two-factor authentication bread crumbs needed to get into those other services and steal them before you get a chance to lock down the yahoo account.

In my case when yahoo was hacked, I hadn't used it for anything in the last 8 years except to recover my license keys for Adobe software. Everything else had been moved to another email system, so yahoo was essentially all spam.

SMS is the only good two-factor key, or an iOS app. I've seen so many idiots use the Android two factor key generator and the problem with that is that, is that people who don't have a compatible phone, are 'encouraged' to use an Android emulator to run the two-factor key program. Great, that's all you need is for the VM image to be downloaded off your computer and now the hackers have access to every single thing you do.

If you use two-factor authentication with a mobile device, make sure your device is not rooted, jailbroken or out of date (and no longer being updated.)

Re:MacOS is not Linux

[BarbaraHudson]

Hint: The OS wars are over. They died of boredom. It's just not interesting any more. Sorry, but the world has moved on, and an OS is just another boring commodity, easily replaced, with less and less to get excited over with each new iteration.

Q: So who won the OS wars?
A: Who gives a sh*t ...

I love PokÃf©mon Go!

[drinkypoo]

Come on, Slashdot. What year is it?

Re: I love PokÃf©mon Go!

2017

Re:I love PokÃf©mon Go!

Next week: Jon Katz returns!

Re:I love PokÃf©mon Go!

Why, it's , of course.

The internet's still an 'experiment'

This modern intranet is still the "wild west". Lot's of ways to steal, the safe's are all crack-able, just like the old bank thiefs using dynamite to open a safe. Humanity continues it's game of good vs. evil.

Re: The internet's still an 'experiment'

All real safes are crackable too you know? Don't even need to break anything either.

Re: MacOS is not Linux

Taco Bell will someday win the restaurant wars. And, we will all be forced to greet each other by waving our hands in little circles without touching and telling each other to "Be well".

MAYBE TRUMP CAN PERSUADE THE NORKS

To do something about these chinese perps. If not, there is no choice but to NUKE EM NOW!

Re: MacOS is not Linux

[JohnFavaloroJr.]

You're a dumb cunt. Probably 22 years old. Doesnt know shit about life. Can't tell your ass from a hole in the ground. Never sudo. Never Debian. Always Ubuntu. Had to get someone else to load the ISO to your USB. Couldn't figure out how to apt-get update. Forgot your SSID and blamed it on Linux. Only GUI, never terminal. User name is 1337 hacker. Suck it bitch. Linux owned you.

What's the Point of Playing

[Captain+Ramage]

What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

Re:What's the Point of Playing

[Xest]

The same reason people cheat in video games. Some people are such desperate failures at life that they'll go to any extreme to try and convince themselves that they're not just a waste of oxygen.

Meanwhile, everyone else knows the truth.

Re:What's the Point of Playing

[tlhIngan]

What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

Because games are supposed to be fun, not work. If some idiot level designer makes a boss battle so unfair that after a few attempts I give up in frustration, then it's likely I'll put the game away and never to play it again. Maybe there's a good reward, but I do have a lot of other things to do with my life that the urge to complete the game must battle with the frustration of dying at the same spot for the Nth time.

And yes, I know I'm no good at games. I play on easy mode for that reason - it gives me the best chance of getting through the game. Especially since a lot of games seem to rely on "cheap deaths" or "if you don't hit the button at the exact millisecond, you're too late".

And no, I don't give up easily, but when my time is limited, I expect to make progress. If you have a hard boss battle, OK, but I do expect to see some progress - perhaps I die a little later a few rounds later after figuring out the right moves, and maybe I get all the way so it's at 1% health and die. That's progress. But then if I get stuck at that 1% for the entire hour of my next session, then it's frustrating and I may decide to put it down and do something else - nothing sucks more than spending 5 minutes dodging around and all that only to get screwed over at the end and have to repeat the same old same old over and over again.

Of course, I also find buying my way to victory distasteful and have ranked a lot of freemium games as "don't play as you MUST spend money". But luckily, there are a number of games where money is completely optional - if you have determination you can progress and earn your gold or diamonds and get your way through. Funny enough how the latter games generally are better and have added replay value.

Re:What's the Point of Playing

What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

Actually I believe the answer is time. I know I can pick up 900 gems\herbs or whatever it is, it doesn't take skill to collect things it takes time, and I don't want to spend 1000 hours clicking to a point because I have other things to do. So you buy gold or whatever, which saves you time and actually do the difficult things that are fun. I never played world of warcraft, but I did do this for FIFA because playing 100 matches for a pack of cards that gave you nothing is the biggest let down because you're losing to RNG.

Re:What's the Point of Playing

Also I would never do this for an actual game, but for a game that's trying to suck you into an unstable market that relies on time rather then skill like starcraft, fighting games, fps.

MFA

[CimmerianX]

Could we please get 2 factor on some of these services that are directly connected to our wallets......please....

Re:MFA

Or perhaps you could be a bit smarter in the meantime and not give your credit cards to such devices to begin with.

Re:MFA

2-factor authentication already exist on this.

Re: MacOS is not Linux

[kurkosdr]

I wouldn't call the OS a commodity when it enforces tight vendor lock-ins.

Re: MacOS is not Linux

Pizza Hut here in Europe.

Re: MacOS is not Linux

[BarbaraHudson]

I suspect that many of us will not use the 3 shells. Expect much profanity as people collect "bad language violation" tickets to wipe their asses.

Re: MacOS is not Linux

[BarbaraHudson]

I wouldn't call the OS a commodity when it enforces tight vendor lock-ins.

Lock-in has nothing to do with whether something is a commodity or not. Example: roundup-ready corn. Last I looked it was both tightly protected via patents and restrictive contracts, and a commodity. Ditto for books, music, movies, smartphones, etc.

Re: MacOS is not Linux

I suspect that the machine won't have enough paper for an ass as big as yours.